US-10867016

Securing webpages, webapps and applications

Published: December 15, 2020
Assignee: not available in USPTO data we have
Inventors: not available in USPTO data we have
Technical Abstract

A method for securing a webpage or a webapp processed by a browser executing on a client system, the method comprising the browser executing an instance of white-box protected code, wherein execution of the instance of white-box protected code causes the client system to: generate a message comprising message data for use by a control system to perform one or more security tests, the control system communicably connected to the client system via a network; send the message to the control system to enable the control system to perform the one or more security tests using the message data; receive a response from the control system based, at least in part, on the message; and process the response.
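The message/response loop from the abstract, sketched for Node.js as an added example that is not code from the patent: each response carries a fresh nonce and a selection of code portions, and the next message must hold a keyed digest over exactly those portions, which the control system checks against its stored metadata. Assumptions: HMAC-SHA-256 with a per-instance key stands in for the white-box protected code (white-box protection itself is not modelled), and every name and sample value below is hypothetical.

```javascript
const crypto = require("crypto");

// Constructed sample data: one code instance, split into portions.
const INSTANCE_ID = "instance-0001"; // hypothetical identifier
const PORTIONS = ["function pay(){/*...*/}", "function render(){/*...*/}",
                  "function validate(){/*...*/}", "function report(){/*...*/}"];
// Control-system metadata for each instance: its key and reference portions.
const METADATA = new Map([[INSTANCE_ID, {
  key: Buffer.from("constructed-demo-key-not-a-real-secret"), portions: PORTIONS }]]);

// Keyed digest over the portions the control system asked for, bound to its nonce.
function digest(key, nonce, portions, indices) {
  const h = crypto.createHmac("sha256", key).update(nonce);
  for (const i of indices) h.update(`\0${i}\0`).update(portions[i]);
  return h.digest("hex");
}

// Client side: message data is derived from the previous response data.
function buildMessage(client, responseData) {
  return { instanceId: client.instanceId,
           digest: digest(client.key, responseData.nonce, client.portions, responseData.indices) };
}

class ControlSystem {
  constructor(metadata) {
    this.metadata = metadata;
    this.pending = new Map();  // instanceId -> outstanding response data
    this.revoked = new Set();  // instances that failed a test
  }
  // Response data: fresh nonce plus the portions to cover in the next message.
  issue(id) {
    const n = this.metadata.get(id).portions.length;
    const first = crypto.randomInt(n);
    const responseData = { nonce: crypto.randomBytes(16).toString("hex"),
                           indices: [first, (first + 1) % n] };
    this.pending.set(id, responseData);
    return { action: "continue", responseData };
  }
  handle(message) {
    const meta = this.metadata.get(message.instanceId);
    if (!meta || this.revoked.has(message.instanceId)) return { action: "cease" };
    const expected = this.pending.get(message.instanceId);
    if (!expected) return this.issue(message.instanceId); // first message: identity only
    const want = Buffer.from(digest(meta.key, expected.nonce, meta.portions, expected.indices));
    const got = Buffer.from(String(message.digest));
    if (got.length !== want.length || !crypto.timingSafeEqual(got, want)) {
      this.revoked.add(message.instanceId); // stale, replayed or tampered
      return { action: "cease" };
    }
    return this.issue(message.instanceId);
  }
}

// Drive a session; optionally modify the client's code before a given round.
function runSession(rounds, tamperAtRound) {
  const control = new ControlSystem(METADATA);
  const client = { instanceId: INSTANCE_ID, key: METADATA.get(INSTANCE_ID).key,
                   portions: [...PORTIONS] };
  let response = control.handle({ instanceId: client.instanceId });
  const actions = [response.action];
  for (let r = 1; r <= rounds && response.action === "continue"; r++) {
    if (r === tamperAtRound) client.portions = client.portions.map((p) => p + "/*patched*/");
    response = control.handle(buildMessage(client, response.responseData));
    actions.push(response.action);
  }
  return actions;
}
```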

Patent Claims
38 claims

Legal claims defining the scope of protection, as filed with the USPTO.

1. A method for securing a webpage or a webapp processed by a browser executing on a client system, the method comprising the browser executing an instance of white-box protected code, wherein execution of the instance of white-box protected code causes the client system to: generate a message comprising message data for use by a control system to perform one or more security tests, the control system communicably connected to the client system via a network; send the message to the control system to enable the control system to perform the one or more security tests using the message data; receive a response from the control system based, at least in part, on the message; and process the response; wherein the response comprises response data and wherein the instance of white-box protected code is arranged to generate, based on the response data, message data of a subsequent message for use by the control system to perform the one or more security tests.

2. The method of claim 1, wherein the instance of white-box protected code is part of the webpage or webapp.

3. The method of claim 1, wherein the one or more security tests comprises one or more of: (a) a test to verify integrity of some or all of the instance of white-box protected code; (b) a test to verify integrity of some or all of the webpage or webapp; (c) a test to identify whether the instance of white-box protected code is being executed using a debugger; (d) a test to identify whether data relating to, or provided by, the webpage or webapp is being, or has been, copied; (e) a test to identify whether validation of data fields of the webpage or webapp is turned on or off; (f) a test to identify whether blocking of advertisements is turned on or off.

4. The method of claim 3, wherein the test to verify integrity of some or all of the webpage or webapp comprises verifying integrity of some or all of the DOM of the webpage or webapp.

5. The method of claim 1, wherein one or both of the following apply: (i) the response is generated, at least in part, based on an outcome of the one or more security tests; and (ii) the response, when processed by the client system, causes the client system to perform one or more of: (a) provide, or continue to provide, functionality of the webpage or webapp; (b) prevent provision of, or cease provision of, functionality of the webpage or webapp; (c) provide functionality that is alternative or supplementary to functionality of the webpage or webapp; (d) change one or more configuration settings of the client system and/or of the browser.

6. The method of claim 5, wherein the response data identifies (i) one or more portions of the instance of white-box protected code and/or (ii) one or more portions of the webpage or webapp, wherein an integrity verification test is to be performed by the control system based on said one or more portions.

7. The method of claim 1, wherein the instance of white-box protected code is arranged to generate the message in encrypted form and wherein the control system is arranged to generate the response in encrypted form.

8. The method of claim 1, wherein said webpage or webapp is arranged to interact with a service system communicably connected to the client system via a network, wherein the message comprises a request to be sent to the service system.

9. The method of claim 1, wherein the webpage or webapp provides access to content via a content distribution network.

10. The method of claim 1, wherein at least one of the one or more security tests is based, at least in part, on metadata associated with the instance of white-box protected code, the metadata accessible by the control system.

11. A method for securing a webpage or a webapp processed by a browser executing on a client system, the method comprising, at a control system communicably connected to the client system via a network: receiving a message from the client system, the message comprising message data for use by the control system to perform one or more security tests, the message generated by an instance of white-box protected code being executed by the browser; performing the one or more security tests using the message data; generating a response based, at least in part, on the message; and sending the response to the client system for processing by the client system; wherein the response comprises response data and wherein the instance of white-box protected code is arranged to generate, based on the response data, message data of a subsequent message for use by the control system to perform the one or more security tests.

12. The method of claim 11, wherein the instance of white-box protected code is part of the webpage or webapp.

13. The method of claim 11, wherein the one or more security tests comprises one or more of: (a) a test to verify integrity of some or all of the instance of white-box protected code; (b) a test to verify integrity of some or all of the webpage or webapp; (c) a test to identify whether the instance of white-box protected code is being executed using a debugger; (d) a test to identify whether data relating to, or provided by, the webpage or webapp is being, or has been, copied; (e) a test to identify whether validation of data fields of the webpage or webapp is turned on or off; (f) a test to identify whether blocking of advertisements is turned on or off.

14. The method of claim 13, wherein the test to verify integrity of some or all of the webpage or webapp comprises verifying integrity of some or all of the DOM of the webpage or webapp.

15. The method of claim 11, wherein one or both of the following apply: (i) the response is generated, at least in part, based on an outcome of the one or more security tests; and (ii) the response, when processed by the client system, causes the client system to perform one or more of: (a) provide, or continue to provide, functionality of the webpage or webapp; (b) prevent provision of, or cease provision of, functionality of the webpage or webapp; (c) provide functionality that is alternative or supplementary to functionality of the webpage or webapp; (d) change one or more configuration settings of the client system and/or of the browser.

16. The method of claim 15, wherein the response data identifies (i) one or more portions of the instance of white-box protected code and/or (ii) one or more portions of the webpage or webapp, wherein an integrity verification test is to be performed by the control system based on said one or more portions.

17. The method of claim 11, wherein the instance of white-box protected code is arranged to generate the message in encrypted form and wherein the control system is arranged to generate the response in encrypted form.

18. The method of claim 11, wherein said webpage or webapp is arranged to interact with a service system communicably connected to the client system via a network, wherein the message comprises a request to be sent to the service system.

19. The method of claim 18, comprising one or more of: (a) the control system interacting with the service system; (b) determining, based on an outcome of the one or more security tests, whether the control system should interact with the service system and, if it is determined that the control system should interact with the service system, the control system interacting with the service system; (c) the control system storing data, based on the message, in a repository for subsequent access by the service system; and (d) the control system providing the service system an indication of an outcome of the one or more security tests.

20. The method of claim 19, wherein one or both of the following apply: (a) the response is generated based, at least in part, on the interaction of the control system with the service system; and (b) the response comprises a reply, from the service system, to the request.

21. The method of claim 11, wherein the webpage or webapp provides access to content via a content distribution network.

22. The method of claim 11, wherein at least one of the one or more security tests is based, at least in part, on metadata associated with the instance of white-box protected code, the metadata accessible by the control system.

23. A method for securing a webpage or a webapp processed by a browser executing on a client system, the method comprising, at a control system communicably connected to the client system via a network: receiving a message from the client system, the message comprising message data for use by the control system to perform one or more security tests, the message generated by an instance of white-box protected code being executed by the browser; performing the one or more security tests using the message data; generating a response based, at least in part, on the message; and sending the response to the client system for processing by the client system; wherein at least part of the message data is indicative of an identity of the instance of white-box protected code.

24. A method for securing a webpage or a webapp processed by a browser executing on a client system, the method comprising, at a control system communicably connected to the client system via a network: receiving a message from the client system, the message comprising message data for use by the control system to perform one or more security tests, the message generated by an instance of white-box protected code being executed by the browser; performing the one or more security tests using the message data; generating a response based, at least in part, on the message; and sending the response to the client system for processing by the client system; wherein said webpage or webapp is arranged to interact with a service system communicably connected to the client system via a network, wherein the message comprises a request to be sent to the service system, wherein the service system provides financial services and the webpage or webapp provides access to the financial services, wherein the financial services comprise one or more of: accessing a financial account; and/or financially interacting with a merchant.

25. A method for securing a webpage or a webapp processed by a browser executing on a client system, the method comprising, at a control system communicably connected to the client system via a network: receiving a message from the client system, the message comprising message data for use by the control system to perform one or more security tests, the message generated by an instance of white-box protected code being executed by the browser; performing the one or more security tests using the message data; generating a response based, at least in part, on the message; and sending the response to the client system for processing by the client system; wherein the webpage or webapp provides access to content via a content distribution network; and wherein: the instance of white-box protected code is arranged to obtain a modified version of encrypted content, the modified version of encrypted content comprising the encrypted content with a first modification applied thereto; the response comprises data indicative of a second modification to apply to the modified version of encrypted content; processing the response comprises the instance of white-box protected code applying the second modification to the modified version of encrypted content to form processed modified encrypted content; and the webpage or webapp is arranged to output content based on the processed modified encrypted content.

26. The method of claim 25, wherein the second modification is arranged so that the processed modified encrypted content equals the encrypted content only if an outcome of the one or more tests indicates that the client system is authorized to access the content.

27. The method of claim 25, wherein: the instance of white-box protected code is arranged to receive the encrypted content and apply the first modification to the received encrypted content to thereby obtain the modified version of encrypted content; or the instance of white-box protected code is arranged to receive the modified version of encrypted content via the network.

28. A non-transitory computer-readable medium storing a computer program which, when executed by a processor of a control system communicably connected to a client system via a network, causes the processor to carry out a method for securing a webpage or a webapp processed by a browser executing on the client system, the method comprising: receiving a message from the client system, the message comprising message data for use by the control system to perform one or more security tests, the message generated by an instance of white-box protected code being executed by the browser; performing the one or more security tests using the message data; generating a response based, at least in part, on the message; and sending the response to the client system for processing by the client system; wherein the response comprises response data and wherein the instance of white-box protected code is arranged to generate, based on the response data, message data of a subsequent message for use by the control system to perform the one or more security tests.

29. A system arranged to secure a webpage or a webapp processed by a browser executing on a client system, the system comprising a control system communicably connected to the client system via a network, wherein the control system is arranged to: receive a message from the client system, the message comprising message data for use by the control system to perform one or more security tests, the message generated by an instance of white-box protected code being executed by the browser; perform the one or more security tests using the message data; generate a response based, at least in part, on the message; and send the response to the client system for processing by the client system; wherein the response comprises response data and wherein the instance of white-box protected code is arranged to generate, based on the response data, message data of a subsequent message for use by the control system to perform the one or more security tests.

30. A method of providing a webpage or a webapp to a client system, the method comprising providing a webpage or webapp that comprises an instance of white-box protected code or an address from which the instance of white-box protected code is obtainable, wherein execution of the instance of white-box protected code by a browser of the client system secures the webpage or webapp by causing the client system to: generate a message comprising message data for use by a control system to perform one or more security tests, the control system communicably connected to the client system via a network; send the message to the control system to enable the control system to perform the one or more security tests using the message data; receive a response from the control system based, at least in part, on the message; and process the response; wherein the response comprises response data and wherein the instance of white-box protected code is arranged to generate, based on the response data, message data of a subsequent message for use by the control system to perform the one or more security tests.

31. The method of claim 30, comprising determining the particular instance, from a plurality of instances of white-box protected code, to include as part of the webpage or webapp to provide to the client system or in response to a request from the client system via the address.

32. A method comprising: generating a plurality of instances of white-box protected code, wherein execution of each instance of white-box protected code by a browser of a client system secures the webpage or webapp by causing the client system to: generate a message comprising message data for use by a control system to perform one or more security tests, the control system communicably connected to the client system via a network; send the message to the control system to enable the control system to perform the one or more security tests using the message data; receive a response from the control system based, at least in part, on the message; and process the response; and storing the plurality of instances of white-box protected code in a database accessible by the control system, wherein the control system is arranged to: receive a message from the client system, the message comprising message data for use by the control system to perform one or more security tests, the message generated by an instance of white-box protected code being executed by the browser; perform the one or more security tests using the message data; generate a response based, at least in part, on the message; and send the response to the client system for processing by the client system; wherein the response comprises response data and wherein the instances of white-box protected code are arranged to generate, based on the response data, message data of a subsequent message for use by the control system to perform the one or more security tests.

33. The method of claim 32, comprising generating, and storing in the database, respective metadata associated with each of the plurality of instances of white-box protected code, the metadata for use by the system to perform said one or more security tests, the metadata accessible by the system.

34. A method for securing a webpage or a webapp processed by a browser executing on a client system, the method comprising the browser executing an instance of white-box protected code, wherein execution of the instance of white-box protected code causes the client system to: generate a message comprising message data for use by a control system to perform one or more security tests, the control system communicably connected to the client system via a network; send the message to the control system to enable the control system to perform the one or more security tests using the message data; receive a response from the control system based, at least in part, on the message; and process the response, wherein at least part of the message data is indicative of an identity of the instance of white-box protected code.

35. A method for securing a webpage or a webapp processed by a browser executing on a client system, the method comprising the browser executing an instance of white-box protected code, wherein execution of the instance of white-box protected code causes the client system to: generate a message comprising message data for use by a control system to perform one or more security tests, the control system communicably connected to the client system via a network; send the message to the control system to enable the control system to perform the one or more security tests using the message data; receive a response from the control system based, at least in part, on the message; and process the response; wherein said webpage or webapp is arranged to interact with a service system communicably connected to the client system via a network, wherein the message comprises a request to be sent to the service system; and wherein the service system provides financial services and the webpage or webapp provides access to the financial services, wherein the financial services comprise one or more of: accessing a financial account; and/or financially interacting with a merchant.

36. A method for securing a webpage or a webapp processed by a browser executing on a client system, the method comprising the browser executing an instance of white-box protected code, wherein execution of the instance of white-box protected code causes the client system to: generate a message comprising message data for use by a control system to perform one or more security tests, the control system communicably connected to the client system via a network; send the message to the control system to enable the control system to perform the one or more security tests using the message data; receive a response from the control system based, at least in part, on the message; and process the response; wherein the webpage or webapp provides access to content via a content distribution network; and wherein: the instance of white-box protected code is arranged to obtain a modified version of encrypted content, the modified version of encrypted content comprising the encrypted content with a first modification applied thereto; the response comprises data indicative of a second modification to apply to the modified version of encrypted content; processing the response comprises the instance of white-box protected code applying the second modification to the modified version of encrypted content to form processed modified encrypted content; and the webpage or webapp is arranged to output content based on the processed modified encrypted content.

37. The method of claim 36, wherein the second modification is arranged so that the processed modified encrypted content equals the encrypted content only if an outcome of the one or more tests indicates that the client system is authorized to access the content.

38. The method of claim 36, wherein: the instance of white-box protected code is arranged to receive the encrypted content and apply the first modification to the received encrypted content to thereby obtain the modified version of encrypted content; or the instance of white-box protected code is arranged to receive the modified version of encrypted content via the network.

Patent Metadata

Filing Date: December 14, 2016
Publication Date: December 15, 2020
